34. These are the steps we have to
take to access an protected
resource
1. User fills in login form
2. We pass that data to an authentication
endpoint
3. The authentication endpoint returns an
access token
4. We send along this access token with each
request for protected data